Xen: domctl Lock Open to Abuse (XSA-492)

To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these operations may not be executed in parallel, so a system-wide lock is used. The way that lock is acquired is, however, not providi...

Xen: x86 Mismatched Mapcache Metadata (XSA-494)

Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache. This can result in privilege escalation, Denial of Servi...

Xen: Xenstored DoS by unprivileged domain (XSA-481)

Any guest issuing a Xenstore command accessing a node using the illegal node path '/local/domain/', will crash xenstored due to a clobbered error indicator in xenstored when verifying the node path. Note that the crash is forced via a failing assert statement in xenstored. In case xenstored is...

Astra Linux – Vulnerability in Linux 5.10, Linux

The fix for XSA-423 added logic to the Linux’ netback driver to handle cases where a packet is split by a frontend, resulting in not all of the headers being together in one piece. Unfortunately, the introduced logic did not account for the extreme case where the entire packet is split into as ma...

ALPINE-CVE-2026-31786

In the Linux kernel, the following vulnerability has been resolved: Buffer overflow in drivers/xen/sys-hypervisor.c The build id returned by HYPERVISORxenversionXENVERbuildid is neither NUL terminated nor a string. The first causes a buffer overflow as sprintf in buildidshow will read and copy ti...

CVE-2026-31787 xen/privcmd: fix double free via VMA splitting

In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: fix double free via VMA splitting privcmdvmops defines .close privcmdclose, but neither .maysplit nor .open. When userspace does a partial munmap on a privcmd mapping, the kernel splits the VMA via splitvma. Since...

CVE-2026-31786

The CVE-2026-31786 issue affects the Linux kernel in drivers/xen/sys-hypervisor.c, where HYPERVISOR_xen_version(XENVER_build_id) returned a build_id that is not NUL-terminated, causing a buffer overflow via sprintf in buildid_show. The root cause is that the build_id was not treated as a proper s...

CVE-2026-31788

In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will den...

CVE-2026-31788

In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will den...

SUSE CVE-2026-31788

In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will den...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003978)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003978 advisory. Guests can trigger deadlock in Linux netback driver This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001728)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001728 advisory. Guests can trigger deadlock in Linux netback driver This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond ...

Fedora 41 : xen (2025-48dc1c8c79)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-48dc1c8c79 advisory. Incorrect removal of permissions on PCI device unplug XSA-476, CVE-2025-58149 ---- x86: Incorrect input sanitisation in Viridian hypercalls XSA-475,...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989449)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989449 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercal...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990300)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990300 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercal...

EUVD-2017-16263

Malware in sbrugna...

EUVD-2021-15345

Malware in sbrugna...

EUVD-2017-2553

Malware in sbrugna...

EUVD-2017-2557

Malware in sbrugna...

EUVD-2017-2560

Malware in sbrugna...